Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp4484458ybz; Tue, 21 Apr 2020 01:14:27 -0700 (PDT) X-Google-Smtp-Source: APiQypJ6elTmvhksqk72ciANFfe0aWpDqMgiBGqcA9RLCv+0xMo20fQ9IWgOuY41mIxJzlyVmCkF X-Received: by 2002:a5d:664f:: with SMTP id f15mr22117072wrw.72.1587456866845; Tue, 21 Apr 2020 01:14:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587456866; cv=none; d=google.com; s=arc-20160816; b=05syjluygv81A8pItLzt7vnYBlcRomLDA9R49D42uFao/a3HNMYfijhzT6CaMmGSEj aMUyfcqQUKu/Payt8lsOsO51eXGHZcXwKEpIbq5SNirrcdnJPqVyQpCJFxjyqprdPOdJ OTRAvm1p1ZMphbXYCgVZp4/pvg60Mogc6dCaGmCZilNW5rLGtfUJzjmX0+QYwCtNZp4R x/qnyusGvh41KHpPy4sbE66huv43D41uJ6czg1OuKlw2Pi1tU/OLlGzv6txTEWsNUtq7 HT5JZToHPMPVOzfRe8ZxfXOKp80WwR9TZOR//U4UsQ4m3qmzVBB7oTE5kZEEiwPx8JV0 cdWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject:cc :to:from; bh=JWyZNlgon47KHjQwjghByrTKXisiUmn5pFLxeaVp9iE=; b=kiGKgLHyU0ZVbhgufxw3L8JTTHm/JZFLkh5sAIYoicTy85NPuMzpYizESwgDYPNLDJ ad1ThBJEgRLqjDKfz9o4HVAoDRMlxS090IQqkYaYoDqwVpkMCf1dVrttCwaxIBP/hzi6 otYcqO9X/xBBLuZTdAWRy+S0qZt/e/0WN/I7JRhwruLGlXOUcmS3Ym2AVWV+8uWDYORE GImAdIMaEWrX9lKRoxWcD/118e+3AgOMdCqA7WjcwschvXItmVJ8ii8gfnmCeRNlwosZ nUMfMcL3FNyLAKUfA2myzTSB3/dXaVkfgwgnXzVxNZJP6RVdaEGqNKvpyJAu672BmjQU 3g9w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id cb14si1138221ejb.80.2020.04.21.01.13.40; Tue, 21 Apr 2020 01:14:26 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728214AbgDUIJn (ORCPT + 99 others); Tue, 21 Apr 2020 04:09:43 -0400 Received: from szxga07-in.huawei.com ([45.249.212.35]:56568 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727889AbgDUIJm (ORCPT ); Tue, 21 Apr 2020 04:09:42 -0400 Received: from DGGEMS413-HUB.china.huawei.com (unknown [172.30.72.60]) by Forcepoint Email with ESMTP id 4E462C5A192B1903B93A; Tue, 21 Apr 2020 16:09:35 +0800 (CST) Received: from localhost.localdomain (10.69.192.56) by DGGEMS413-HUB.china.huawei.com (10.3.19.213) with Microsoft SMTP Server id 14.3.487.0; Tue, 21 Apr 2020 16:09:27 +0800 From: Tian Tao To: , , , , , , , , , CC: Subject: [PATCH] arm32: fix flushcache syscall with device address Date: Tue, 21 Apr 2020 16:08:34 +0800 Message-ID: <1587456514-61156-1-git-send-email-tiantao6@hisilicon.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.69.192.56] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org An issue has been observed on our Kungpeng916 systems when using a PCI express GPU. This occurs when a 32 bit application running on a 64 bit kernel issues a cache flush operation to a memory address that is in a PCI BAR of the GPU.The results in an illegal operation and subsequent crash. Signed-off-by: Tian Tao Signed-off-by: Lixin Chen Reviewed-by: Jonathan Cameron --- arch/arm64/kernel/sys_compat.c | 69 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) diff --git a/arch/arm64/kernel/sys_compat.c b/arch/arm64/kernel/sys_compat.c index 3c18c24..6c07944 100644 --- a/arch/arm64/kernel/sys_compat.c +++ b/arch/arm64/kernel/sys_compat.c @@ -15,12 +15,74 @@ #include #include #include +#include #include #include #include #include +static long __check_pt_cacheable(unsigned long vaddr) +{ + struct mm_struct *mm = current->mm; + pgd_t *pgd; + p4d_t *p4d; + pud_t *pud; + pudval_t pudval; + pmd_t *pmd; + pmdval_t pmdval; + pte_t *pte; + pteval_t pteval; + pgprot_t pgprot; + + spin_lock(&mm->page_table_lock); + pgd = pgd_offset(mm, vaddr); + if (pgd_none(*pgd) || unlikely(pgd_bad(*pgd))) + goto no_page; + + p4d = p4d_offset(pgd, vaddr); + if (p4d_none(*p4d) || unlikely(p4d_bad(*p4d))) + goto no_page; + + pud = pud_offset(p4d, vaddr); + if (pud_none(*pud) || unlikely(pud_bad(*pud))) + goto no_page; + if (pud_huge(*pud)) { + pudval = pud_val(*pud); + pgprot = __pgprot(pudval); + goto out; + } + + pmd = pmd_offset(pud, vaddr); + if (pmd_none(*pmd) || unlikely(pmd_bad(*pmd))) + goto no_page; + if (pmd_huge(*pmd)) { + pmdval = pmd_val(*pmd); + pgprot = __pgprot(pmdval); + goto out; + } + + pte = pte_offset_map(pmd, vaddr); + if (!pte_present(*pte) || pte_none(*pte)) + goto no_page; + pteval = pte_val(*pte); + pgprot = __pgprot(pteval); + +out: + pgprot.pgprot &= PTE_ATTRINDX_MASK; + if (pgprot.pgprot != PTE_ATTRINDX(MT_NORMAL)) { + pr_debug("non-cache page pgprot value=0x%llx.\n", + pgprot.pgprot); + goto no_page; + } + spin_unlock(&mm->page_table_lock); + return 1; + +no_page: + spin_unlock(&mm->page_table_lock); + return 0; +} + static long __do_compat_cache_op(unsigned long start, unsigned long end) { @@ -32,6 +94,13 @@ __do_compat_cache_op(unsigned long start, unsigned long end) if (fatal_signal_pending(current)) return 0; + /* do not flush page table is non-cacheable */ + if (!__check_pt_cacheable(start)) { + cond_resched(); + start += chunk; + continue; + } + if (cpus_have_const_cap(ARM64_WORKAROUND_1542419)) { /* * The workaround requires an inner-shareable tlbi. -- 2.7.4